CVE-2022-27528
A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
Source: CVE-2022-27528
[월:] 2022년 04월
CVE-2022-27567
CVE-2022-27567
Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers.
Source: CVE-2022-27567
CVE-2022-27568
CVE-2022-27568
Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
Source: CVE-2022-27568
CVE-2022-27569
CVE-2022-27569
Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
Source: CVE-2022-27569
CVE-2022-26093
CVE-2022-26093
Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
Source: CVE-2022-26093
CVE-2022-26091
CVE-2022-26091
Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard.
Source: CVE-2022-26091
CVE-2022-25792
CVE-2022-25792
A maliciously crafted DXF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability can be exploited to execute arbitrary code.
Source: CVE-2022-25792
CVE-2022-25789
CVE-2022-25789
A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
Source: CVE-2022-25789
CVE-2022-25614
CVE-2022-25614
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings.
Source: CVE-2022-25614
CVE-2022-26090
CVE-2022-26090
Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows that attackers can access contact information without permission.
Source: CVE-2022-26090